I'm trying to put some anti sql injection in place in java and am finding it very difficult to work with the the "replaceAll" string function. Ultimately I need a function that will convert any existing \
to \\
, any "
to \"
, any '
to \'
, and any \n
to \\n
so that when the string is evaluated by MySQL SQL injections will be blocked.
I've jacked up some code I was working with and all the \\\\\\\\\\\
in the function are making my eyes go nuts. If anyone happens to have an example of this I would greatly appreciate it.